Re: Security & Encryption FAQ - Revision 18

Doctor Who wrote in news::

> -----BEGIN PGP SIGNED MESSAGE-----
>
> Security and Encryption FAQ - Revision 18
>

snip

> Privacy.Li offer an SSH encrypted connection with port forwarding
> through either of their own servers. One server is in The Netherlands
> and the other is in Hong Kong. Both well outside the control of either
> the American or British snoops. The cost of connection is around 100
> Euros per year per server. By paying in E-Gold or via DMT/ALTA it is
> a truly anonymous sign-up. I strongly recommend them if your needs
> are for total privacy.



Doctor, I have a question about the above paragraph and a couple other
questions and maybe a comment or two.


1. Why would you want to pay 'anonymously' for a service like privacy.li
when they they would be able to pinpoint you via your IP when you use
their port forwarding services? Are you suggesting connecting to their
service through a proxy? It seems strange that you trust them to provide
privacy and in them keeping your NET habbits secret, but you talk of
purchasing the service anonymously, like they're not going to know who
you are if you do. They still will know your IP even if they don't know
your identity. True identity and Real IP can be very close to the same
thing sometimes.


2. Can you explain the procedure to aquire your DMT/ALTA or your E-gold
account anonymously?


3. I see you added a list of usenet apps to make doing various tasks on
usenet easier. I don't understand what this has to do with privacy or
security. If a particular app is known to be a privacy/security risk
then It should be mentioned so as to be avoided.


I'd like to see you talk about chaining socks and socks apps a little
more. Things you mention in the faq tend to become very interesting and
informative topics of discussion elsewhere.


Thanks again for the update.

know-doubt about it

Doctor Who wrote in news::

> -----BEGIN PGP SIGNED MESSAGE-----

Snip
>
> True a legal warrant would force them to reveal their logs and then
> the relevant authority could indeed trace and pursue you. In defence
> of Privacy.Li it would mean a cross border or rather a cross
> international border application of this Warrant to do this.




Thanks Doc,

What you said is true. The unknown about privacy.li is who they are. They
may not be a business providing services. They might be an operation
looking for rotten eggs. In which case, a warrant isn't needed.


What about cotse? The owner is very visible in various places promoting
his services. He's so visible you might almost call his diatribe spam. LOL


Something else I want to ask. Windoze NTFS has encryption, why not mention
that in the faq? With so many PC's running XP professional or NT out
there, NTFS security could at least be mentioned as a first step in
protecting information.

know-doubt about it

On 4 Mar 2004 10:40:15 -0600, "know-doubt about it" <> wrote:

>octor Who wrote in news::
>:
>:> -----BEGIN PGP SIGNED MESSAGE-----
>:
>:Snip
>:>
>:> True a legal warrant would force them to reveal their logs and then
>:> the relevant authority could indeed trace and pursue you. In defence
>:> of Privacy.Li it would mean a cross border or rather a cross
>:> international border application of this Warrant to do this.
>:
>:Thanks Doc,
>:
>:What you said is true. The unknown about privacy.li is who they are. They
>:may not be a business providing services. They might be an operation
>:looking for rotten eggs. In which case, a warrant isn't needed.

Absolutely true. Which must apply of course to any other operator to whom you
entrust your privacy. Privacy.Li are no riskier in this respect than anybody
else. Prudence is required here.

>:
>:What about cotse? The owner is very visible in various places promoting
>:his services. He's so visible you might almost call his diatribe spam. LOL

Never used the service. But it certainly looks interesting. I note he does
allow anonymous signups with Egold, so might be worth investigating.

>:
>:Something else I want to ask. Windoze NTFS has encryption, why not mention
>:that in the faq? With so many PC's running XP professional or NT out
>:there, NTFS security could at least be mentioned as a first step in
>rotecting information.

Well, truthfully I am very fearful of Mr Gates and his operating system. If
anybody may be working hand in glove with the TLA's he is my first candidate.

That aside, yes, it is certainly worth implementing. But not on its own IMHO.

If I have something I want to keep secret, I would far, far prefer it trusted to
a dedicated security program rather than an OS that issues weekly updates to try
and plug the many security flaws in its implementation.

Doctor Who

Doctor Who